Statement of CPNI Procedures

NebraskaLink, LLC (the Company) has implemented the following procedures to ensure that it is
compliant with Part 64 of Title 47 of the Code of Federal Regulations, Subpart U Customer Proprietary
Network Information (CPNI), 64.2001 through 64.2011.
Compliance Officer
The Company has appointed a CPNI Compliance Officer who is responsible for ensuring that the
Company is in compliance with all of the CPNI rules. The Compliance Officer is also the point of contact
for anyone (internally or externally) with questions about CPNI. The Compliance Officer will ensure that a
compliance certification signed by an officer of the Company is filed with the FCC by March 1 of each
year for data pertaining to the previous year.
Employee Training
The Compliance Officer arranges for the training of all employees on an annual basis and more frequently
as needed. Any new employee is trained when hired by the Company. The training includes, but is not
limited to, when employees are and are not authorized to use CPNI and the authentication methods the
Company is using. The detail of the training can differ based on whether or not the employee has access
to CPNI. If employees have any questions regarding the use of CPNI or if they are aware of CPNI being
used improperly by anyone, they are instructed to contact the Compliance Officer immediately.
The Company has established a disciplinary process for improper use of CPNI which is reviewed with
employees. The disciplinary action is based on the type and severity of the violation and could include
any or a combination of the following: retraining the employee on CPNI rules, notation in the employees
personnel file, formal written reprimand, suspension or termination.
Disclosure and Use of CPNI
The Company has not provided notification to its customers and has not asked for approval to use CPNI
because it does not use CPNI outside of the areas that are allowed without customer approval. Thus, the
status for all customers is that they have not given approval to use CPNI. The Company does not share
the customers CPNI with any joint venture partner, independent contractor or any other third party. If in
the future, the Company decides to ask customers for approval to use their CPNI, it will implement a
system by which the status of a customers CPNI approval can be clearly established prior to the use of
any CPNI.
Currently, the Company does not conduct any marketing campaigns that use customers CPNI. If the
Company decides to use CPNI for marketing purposes, the marketing campaign and the complete
process will be reviewed and approved by the Compliance Officer to make certain all CPNI rules are
followed. The Compliance Officer will be responsible for making sure that a complete record of the
campaign is documented and maintained for a minimum of one year.
The Company has established a process for authenticating customers and will not disclose any CPNI until
the customer has been appropriately authenticated. For an in-office visit, the customer must provide a
valid photo ID matching the customers account information. The Companys customer accounts do not
include call detail information.
The Company will promptly notify customers whenever a change is made to the customers address of
record. The notification will be sent to the customers old address of record.

Notification of Breaches
The Company takes reasonable measures to discover and protect against activity that is indicative of
pretexting including requiring employees to immediately notify the Compliance Officer of any indication of
suspicious activity. If it is determined that a breach has occurred, the Compliance Officer will do the
following:

Notify the United States Secret Service (USSS) and the Federal Bureau of Investigation (FBI) as
soon as practicable, but in no event later than 7 business days after determination of the breach.
The notification will be via the FCC link at http://www.fcc.gov/eb/cpni.

Notify customers only after 7 full business days have passed since notification to the USSS and
the FBI, unless the USSS or FBI has requested an extension.

If there is an urgent need to notify affected customers or the public sooner to avoid immediate
and irreparable harm, it will be done only after consultation with the relevant investigating agency.

Maintain a record of the breach, the notifications made to the USSS and FBI, and the notifications
made to customers. The record should include dates of discovery and notification, a detailed
description of the CPNI that was the subject of the breach, and the circumstances of the breach.

Include a summary of the breach in the annual compliance certificate filed with the FCC.

Record Retention
Following is the minimum retention period the Company has established for CPNI related information:

Marketing Campaigns one year

Breaches two years
Annual CPNI Certification permanently
All other information two years